public function onPost()
{
try {
$email = $this->post->email('string', array(new Filter\Length(3, 64), new Filter\Email()));
$captcha = $this->post->captcha('string');
// check captcha if anonymous
$captchaProvider = Captcha::factory($this->config['amun_captcha']);
if (!$captchaProvider->verify($captcha)) {
throw new Exception('Invalid captcha');
}
if (!$this->validate->hasError()) {
$handler = $this->getHandler('AmunService\\User\\Account');
$account = $handler->getOneByIdentity(sha1($this->config['amun_salt'] . $email), array('id', 'name', 'status', 'email'), Sql::FETCH_OBJECT);
if ($account instanceof Account\Record) {
if (!in_array($account->status, array(Account\Record::NORMAL, Account\Record::ADMINISTRATOR))) {
throw new Exception('Account has an invalid status');
}
if (!empty($account->email)) {
$token = Security::generateToken();
$link = $this->page->getUrl() . '/login/resetPw?token=' . $token;
$date = new DateTime('NOW', $this->registry['core.default_timezone']);
// update status
$account->setStatus(Account\Record::RECOVER);
$account->setToken($token);
$handler->update($account);
// send mail
$values = array('account.name' => $account->name, 'host.name' => $this->base->getHost(), 'recover.ip' => $_SERVER['REMOTE_ADDR'], 'recover.link' => $this->page->getUrl() . '/resetPw?token=' . $token, 'recover.date' => $date->format($this->registry['core.format_date']));
$mail = new Mail($this->registry);
$mail->send('LOGIN_RECOVER', $account->email, $values);
$this->template->assign('success', true);
} else {
throw new Exception('No public email address is set for this account');
}
} else {
throw new Exception('Account does not exist');
}
} else {
throw new Exception($this->validate->getLastError());
}
} catch (\Exception $e) {
$this->template->assign('error', $e->getMessage());
}
}
public function onGet()
{
try {
$token = $this->get->token('string', array(new Filter\Length(40, 40), new Filter\Xdigit()));
if ($token !== false) {
$handler = $this->getHandler('AmunService\\User\\Account');
$account = $handler->getRecoverByToken($token);
if ($account instanceof Account\Record) {
if (!empty($account->email)) {
if ($_SERVER['REMOTE_ADDR'] == $account->ip) {
$security = new Security($this->registry);
$pw = $security->generatePw();
$date = new DateTime('NOW', $this->registry['core.default_timezone']);
$account->setStatus(Account\Record::NORMAL);
$account->setPw($pw);
$handler->update($account);
// send mail
$values = array('account.name' => $account->name, 'account.pw' => $pw, 'host.name' => $this->base->getHost(), 'recover.link' => $this->page->getUrl(), 'recover.date' => $date->format($this->registry['core.format_date']));
$mail = new Mail($this->registry);
$mail->send('LOGIN_RECOVER_SUCCESS', $account->email, $values);
$this->template->assign('success', true);
} else {
throw new Exception('Recover process was requested from another IP');
}
} else {
throw new Exception('No public email address is set for this account');
}
} else {
throw new Exception('Invalid token');
}
} else {
throw new Exception('Token not set');
}
} catch (\Exception $e) {
$this->template->assign('error', $e->getMessage());
}
}
public function onPost()
{
try {
$name = $this->post->name('string', array(new Filter\Length(3, 32)), 'name', 'Name');
$identity = $this->post->identity('string', array(new Filter\Length(3, 128), new Filter\Email()), 'email', 'Email');
$pw = $this->post->pw('string');
$pwRepeat = $this->post->pwRepeat('string');
$longitude = $this->post->longitude('float');
$latitude = $this->post->latitude('float');
$captcha = $this->post->captcha('string');
if (!$this->validate->hasError()) {
// check whether registration is enabled
if (!$this->registry['login.registration_enabled']) {
throw new Exception('Registration is disabled');
}
// compare pws
if (strcmp($pw, $pwRepeat) != 0) {
throw new Exception('Password ist not the same');
}
// check captcha if anonymous
$captchaProvider = Captcha::factory($this->config['amun_captcha']);
if (!$captchaProvider->verify($captcha)) {
throw new Exception('Invalid captcha');
}
// create account record
$handler = $this->getHandler('AmunService\\User\\Account');
$account = $handler->getRecord();
$account->setGroupId($this->registry['core.default_user_group']);
$account->setStatus(Account\Record::NOT_ACTIVATED);
$account->setIdentity($identity);
$account->setName($name);
$account->setPw($pw);
$account->setLongitude($longitude);
$account->setLatitude($latitude);
$account = $handler->create($account);
if (isset($account->id)) {
// send activation mail
$date = new DateTime('NOW', $this->registry['core.default_timezone']);
$values = array('account.name' => $account->name, 'account.identity' => $identity, 'host.name' => $this->base->getHost(), 'register.link' => $this->page->getUrl() . '/register/activate?token=' . $account->token, 'register.date' => $date->format($this->registry['core.format_date']));
$mail = new Mail($this->registry);
$mail->send('LOGIN_REGISTRATION', $identity, $values);
$this->template->assign('success', true);
} else {
throw new Exception('Your account was added for approval');
}
} else {
throw new Exception($this->validate->getLastError());
}
} catch (\Exception $e) {
$this->template->assign('name', htmlspecialchars($name));
$this->template->assign('identity', htmlspecialchars($identity));
$this->template->assign('error', $e->getMessage());
}
}